This repository has been archived on 2024-07-22. You can view files and clone it, but cannot push or open issues or pull requests.
mastodon/app/controllers/api/v1/admin/trends
Claire 62c6e12fa5
Fix admin API unconditionally requiring CSRF token (#17975)
Fixes #17898

Since #17204, the admin API has only been available through the web
application because of the unconditional requirement to provide a valid CSRF
token.

This commit changes it back to `null_session`, which should make it work
both with session-based authentication (provided a CSRF token) and with a
bearer token.
2022-04-06 20:57:18 +02:00
..
links_controller.rb Fix admin API unconditionally requiring CSRF token (#17975) 2022-04-06 20:57:18 +02:00
statuses_controller.rb Fix admin API unconditionally requiring CSRF token (#17975) 2022-04-06 20:57:18 +02:00
tags_controller.rb Fix admin API unconditionally requiring CSRF token (#17975) 2022-04-06 20:57:18 +02:00